$ rpki-client -vvf repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/323430343a393763303a3136323a3a2f34382d3438203d3e20313533303837.roa File: 323430343a393763303a3136323a3a2f34382d3438203d3e20313533303837.roa (raw, json) Hash identifier: xoql0u4cJ/KRzzlhzdPt4uyRXe/QNmDlgTST+s7tLx0= Subject key identifier: 42:66:2E:B6:EB:FB:1A:43:80:AE:4A:DE:F0:62:61:6E:38:3F:BD:39 Certificate issuer: /CN=4DF3DB3DA21D0022202130736E4CCB048C1D5158 Certificate serial: 0EBC52C464F423DC8305B50AD49CEABE87F73312 Authority key identifier: 4D:F3:DB:3D:A2:1D:00:22:20:21:30:73:6E:4C:CB:04:8C:1D:51:58 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DF3DB3DA21D0022202130736E4CCB048C1D5158.cer Subject info access: rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/323430343a393763303a3136323a3a2f34382d3438203d3e20313533303837.roa Signing time: Fri 11 Jul 2025 12:00:02 +0000 ROA not before: Fri 11 Jul 2025 11:55:02 +0000 ROA not after: Fri 10 Jul 2026 12:00:02 +0000 asID: 153087 IP address blocks: 2404:97c0:162::/48 maxlen: 48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/4DF3DB3DA21D0022202130736E4CCB048C1D5158.crl rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/4DF3DB3DA21D0022202130736E4CCB048C1D5158.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DF3DB3DA21D0022202130736E4CCB048C1D5158.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 05:36:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:bc:52:c4:64:f4:23:dc:83:05:b5:0a:d4:9c:ea:be:87:f7:33:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4DF3DB3DA21D0022202130736E4CCB048C1D5158 Validity Not Before: Jul 11 11:55:02 2025 GMT Not After : Jul 10 12:00:02 2026 GMT Subject: CN=42662EB6EBFB1A4380AE4ADEF062616E383FBD39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:64:56:5a:cd:08:8b:86:e6:e4:46:96:db:1e: 96:c3:9a:88:4e:4b:5a:2d:f1:4e:c0:5e:e6:cc:d1: ee:ec:04:ea:87:3f:00:c1:eb:8f:32:9d:79:dc:ec: 70:24:83:38:76:01:fb:18:e8:16:19:7e:2f:4c:5c: aa:a2:31:c6:f1:60:df:04:1d:91:08:be:f4:b9:35: 12:b1:1c:81:89:56:ee:47:77:61:a8:80:00:a8:cb: bc:5e:bc:16:60:b4:e1:c4:8d:67:b7:7c:49:04:21: c6:ae:50:a9:8f:fd:52:ec:83:ac:d3:88:14:bd:40: 6c:ef:f6:ce:6b:77:ff:19:7b:89:b8:b7:c8:cb:12: 29:00:34:66:45:71:4a:73:79:25:b4:aa:87:16:ea: b2:e3:5c:e0:a7:9d:36:d6:52:e9:72:c3:30:d1:28: 9e:e5:8f:59:3d:33:36:2a:6b:87:9a:93:f1:76:f1: 6e:7d:65:20:d7:00:72:35:f5:58:94:71:dd:7e:14: 17:cc:a6:f8:6a:84:2d:58:1d:42:17:7c:38:df:5f: 9a:08:4c:e6:c7:c6:21:12:d8:c0:bc:90:da:21:85: 13:70:97:8a:42:6d:14:33:65:21:ea:9d:60:f3:03: 90:52:79:14:d9:dc:b1:8b:61:ca:0e:73:3c:22:6c: 31:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:66:2E:B6:EB:FB:1A:43:80:AE:4A:DE:F0:62:61:6E:38:3F:BD:39 X509v3 Authority Key Identifier: keyid:4D:F3:DB:3D:A2:1D:00:22:20:21:30:73:6E:4C:CB:04:8C:1D:51:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/4DF3DB3DA21D0022202130736E4CCB048C1D5158.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4DF3DB3DA21D0022202130736E4CCB048C1D5158.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1ded5811-be50-4caa-9f96-63d3720311de/1/323430343a393763303a3136323a3a2f34382d3438203d3e20313533303837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2404:97c0:162::/48 Signature Algorithm: sha256WithRSAEncryption 0e:45:bd:6b:32:19:52:71:5d:6e:45:49:c5:38:31:f7:74:71: 35:4c:55:c8:6b:e0:78:d9:b4:39:b2:74:2a:22:b1:86:e4:12: 2d:9d:3f:86:ef:fc:4d:08:ec:18:6e:e2:6c:e9:01:5b:30:46: 77:9f:a6:40:1f:26:e3:2a:85:95:c8:bb:27:e9:3b:92:53:06: 53:80:d6:32:49:ba:8a:ee:c1:8a:a4:51:e4:ba:04:0c:94:fc: cb:68:ab:0d:90:52:61:46:ef:0a:73:be:06:62:6f:7a:65:62: 98:05:1f:f8:86:e6:f6:f3:04:68:3f:1d:cf:ae:94:7e:0c:a3: 0c:53:37:f7:4c:47:ee:52:6f:41:97:55:20:c6:69:4c:dd:ff: 2c:13:d9:8c:01:c2:b7:d9:c4:28:c0:2c:6d:23:87:2e:47:9a: 80:c5:4a:5d:f8:aa:6c:38:7c:1c:32:9c:77:29:ef:59:06:e4: 36:cb:9f:9c:07:9a:02:c1:db:e0:8b:70:cb:c9:74:51:13:63: cb:02:31:5a:a9:48:17:71:cd:db:0b:3d:08:ec:77:8c:65:91: 64:a4:86:5a:27:fa:e8:d7:d0:67:ec:35:58:49:5b:05:55:c0: 0b:f4:73:55:4e:44:1b:44:77:22:89:ad:a2:dd:f4:15:b2:f2: cf:91:65:52 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUDrxSxGT0I9yDBbUK1Jzqvof3MxIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNERGM0RCM0RBMjFEMDAyMjIwMjEzMDczNkU0Q0NCMDQ4 QzFENTE1ODAeFw0yNTA3MTExMTU1MDJaFw0yNjA3MTAxMjAwMDJaMDMxMTAvBgNV BAMTKDQyNjYyRUI2RUJGQjFBNDM4MEFFNEFERUYwNjI2MTZFMzgzRkJEMzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOZFZazQiLhubkRpbbHpbDmohO S1ot8U7AXubM0e7sBOqHPwDB648ynXnc7HAkgzh2AfsY6BYZfi9MXKqiMcbxYN8E HZEIvvS5NRKxHIGJVu5Hd2GogACoy7xevBZgtOHEjWe3fEkEIcauUKmP/VLsg6zT iBS9QGzv9s5rd/8Ze4m4t8jLEikANGZFcUpzeSW0qocW6rLjXOCnnTbWUulywzDR KJ7lj1k9MzYqa4eak/F28W59ZSDXAHI19ViUcd1+FBfMpvhqhC1YHUIXfDjfX5oI TObHxiES2MC8kNohhRNwl4pCbRQzZSHqnWDzA5BSeRTZ3LGLYcoOczwibDHLAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUQmYutuv7GkOArkre8GJhbjg/vTkwHwYDVR0j BBgwFoAUTfPbPaIdACIgITBzbkzLBIwdUVgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x ZGVkNTgxMS1iZTUwLTRjYWEtOWY5Ni02M2QzNzIwMzExZGUvMS80REYzREIzREEy MUQwMDIyMjAyMTMwNzM2RTRDQ0IwNDhDMUQ1MTU4LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvNERGM0RCM0RBMjFEMDAyMjIwMjEzMDczNkU0Q0NCMDQ4QzFE NTE1OC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFkZWQ1ODExLWJlNTAtNGNhYS05 Zjk2LTYzZDM3MjAzMTFkZS8xLzMyMzQzMDM0M2EzOTM3NjMzMDNhMzEzNjMyM2Ez YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMzMzAzODM3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJASX wAFiMA0GCSqGSIb3DQEBCwUAA4IBAQAORb1rMhlScV1uRUnFODH3dHE1TFXIa+B4 2bQ5snQqIrGG5BItnT+G7/xNCOwYbuJs6QFbMEZ3n6ZAHybjKoWVyLsn6TuSUwZT gNYySbqK7sGKpFHkugQMlPzLaKsNkFJhRu8Kc74GYm96ZWKYBR/4hub28wRoPx3P rpR+DKMMUzf3TEfuUm9Bl1UgxmlM3f8sE9mMAcK32cQowCxtI4cuR5qAxUpd+Kps OHwcMpx3Ke9ZBuQ2y5+cB5oCwdvgi3DLyXRRE2PLAjFaqUgXcc3bCz0I7HeMZZFk pIZaJ/ro19Bn7DVYSVsFVcAL9HNVTkQbRHciia2i3fQVsvLPkWVS -----END CERTIFICATE-----Generated at Fri Jul 25 13:04:34 2025 by rpki-client